The return of Dread: Your Quick Guide

Dread, the largest and most popular dark web forum, has recently relaunched after it was shut down by a massive DDoS attack in November 2022. Its disappearance from the darknet left its administrators and users stunned.

What is Dread?

Dread is a darknet forum that can only be accessed via Tor or I2P.  The forum, which was launched in early 2018, is designed similarly to the popular open web forum Reddit. With over 200,000 members, it is considered to be one of the most valuable forums for illicit content on the dark web, with content on its forums ranging from hacking guides and hacking-related discussions to drug trafficking, stolen PII, and dark web news. 

Its admins, HugBunter and Paris, sorted its content by subjects into “sub dreads,” reminiscent of Reddit’s subreddits. It offers an easy account creation process, but also advanced security measures to protect its user’s identity, including PGP (Pretty Good Privacy) verification, which encrypts files, and wipes data deleted by its users.

The relaunch of Dread

During the five months it was down, Dread’s admins looked to rebuild the site from scratch, in an effort to re-establish the forum’s reputation and user base. They also published updates about their progress from time to time:

On last February 25, HugBunt3r announced that private testing had begun:

His announcement excited many of the site’s followers but after a week of live testing with a few selected members of Dread’s community, the website went down as a result of a major flaw that was detected. 

While its admin, HugBunt3r, didn’t explain what the flaw was, by the end of the day on March 6, HugBunt3r posted his announcement that Dread is back: 

The enthusiasm it sparked was again short-lived, as just hours after its launch, Dread was hit with another devastating DDoS attack. HugBunt3r used Reddit to reveal the culprit behind the attack: a notorious hacker by the name of Geo, who was extorting the admins for payment in return for stopping the attack. This hacker created a great amount of damage on .onion sites, forcing the Tor Project team to take drastic measures and hire new members solely responsible for anti-DDoS attacks against the network. 

Dread’s team worked relentlessly to get it back online and almost 24 hours later, their efforts paid off, and the forum was fully restored. 

The big news around the return of Dread has caught the attention of many underground internet users. They’re not just talking about it on Dread, but also on other illicit sites, like BreachForums: 

Other Dread fans celebrated the news on Dread:

What’s the status of Dread now?

Alongside the excitement among Dread’s users about its return, as seen above, many of their fans were also pleased to see that the forum has not undergone any significant changes, except for minor adjustments that have been introduced to the site’s user interface. Overall, the forum’s layout and features remain the same.

It is important however to mention that the site remains largely unstable. Although most of the admins’ work has focused on ensuring that Dread is well-protected against potential DDoS attacks, the forum is still experiencing some stability issues in recent days. These disruptions are similar to those that led to Dread’s previous shutdown. This situation has even raised concerns about the forum’s safety among the dark web community.

Despite these developments, we believe that the administrators’ hard work will not be in vain, as Dread still serves a unique purpose on the dark web that its users value greatly. As Dread continues to enhance its infrastructure, we anticipate that the forum will introduce more advanced features and functionalities in the future, thereby attracting even more users.

Why is it important to monitor dark web forums?

The shutdown and reemergence of Dread is a good example of how unstable dark web forums and sites can be. With dark web forums like Dread hosting many different illicit activities and content, it is vital to be able to track when such sites go down or relaunch to continuously and proactively monitor potential threats to enterprises and organizations.